draft-ietf-secsh-architecture-03.txt   draft-ietf-secsh-architecture-04.txt 
Network Working Group T. Ylonen Network Working Group T. Ylonen
INTERNET-DRAFT T. Kivinen INTERNET-DRAFT T. Kivinen
draft-ietf-secsh-architecture-03.txt M. Saarinen draft-ietf-secsh-architecture-04.txt M. Saarinen
Expires in six months T. Rinne Expires in six months T. Rinne
S. Lehtinen S. Lehtinen
SSH SSH
22 February 1999 22 June 1999
SSH Protocol Architecture SSH Protocol Architecture
Status of This memo Status of This Memo
This document is an Internet-Draft and is in full conformance This document is an Internet-Draft and is in full conformance
with all provisions of Section 10 of RFC2026. with all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as other groups may also distribute working documents as
Internet-Drafts. Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six Internet-Drafts are draft documents valid for a maximum of six
skipping to change at page 2, line 22 skipping to change at page 2, line 22
3.3. Policy Issues . . . . . . . . . . . . . . . . . . . . . . . 4 3.3. Policy Issues . . . . . . . . . . . . . . . . . . . . . . . 4
3.4. Security Properties . . . . . . . . . . . . . . . . . . . . 5 3.4. Security Properties . . . . . . . . . . . . . . . . . . . . 5
3.5. Packet Size and Overhead . . . . . . . . . . . . . . . . . . 5 3.5. Packet Size and Overhead . . . . . . . . . . . . . . . . . . 5
3.6. Localization and Character Set Support . . . . . . . . . . . 6 3.6. Localization and Character Set Support . . . . . . . . . . . 6
4. Data Type Representations Used in the SSH Protocols . . . . . . 7 4. Data Type Representations Used in the SSH Protocols . . . . . . 7
4.1. Encoding of Network Addresses . . . . . . . . . . . . . . . 8 4.1. Encoding of Network Addresses . . . . . . . . . . . . . . . 8
5. Algorithm Naming . . . . . . . . . . . . . . . . . . . . . . . . 8 5. Algorithm Naming . . . . . . . . . . . . . . . . . . . . . . . . 8
6. Message Numbers . . . . . . . . . . . . . . . . . . . . . . . . 9 6. Message Numbers . . . . . . . . . . . . . . . . . . . . . . . . 9
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 9 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 9
8. Security Considerations . . . . . . . . . . . . . . . . . . . . 10 8. Security Considerations . . . . . . . . . . . . . . . . . . . . 10
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 9. Trademark Issues . . . . . . . . . . . . . . . . . . . . . . . . 10
10. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 11 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 10
11. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 11
1. Introduction 1. Introduction
SSH is a protocol for secure remote login and other secure network SSH is a protocol for secure remote login and other secure network
services over an insecure network. It consists of three major services over an insecure network. It consists of three major
components: components:
o Transport layer protocol [SSH-TRANS] provides server authentication, o Transport layer protocol [SSH-TRANS] provides server authentication,
confidentiality, and integrity. It may optionally also provide confidentiality, and integrity. It may optionally also provide
compression. The transport layer will typically be run over a TCP/IP compression. The transport layer will typically be run over a TCP/IP
skipping to change at page 10, line 26 skipping to change at page 10, line 29
When displaying text, such as error or debug messages to the user, the When displaying text, such as error or debug messages to the user, the
client software SHOULD replace any control characters (except tab, client software SHOULD replace any control characters (except tab,
carriage return and newline) with safe sequences to avoid attacks by carriage return and newline) with safe sequences to avoid attacks by
sending terminal control characters. sending terminal control characters.
Not using MAC or encryption SHOULD be avoided. The user authentication Not using MAC or encryption SHOULD be avoided. The user authentication
protocol is subject to man-in-the-middle attacks if the encryption is protocol is subject to man-in-the-middle attacks if the encryption is
disabled. The SSH protocol does not protect against message alteration disabled. The SSH protocol does not protect against message alteration
if no MAC is used. if no MAC is used.
9. References 9. Trademark Issues
SSH is a registered trademark and Secure Shell is a trademark of SSH
Communications Security Ltd. SSH Communications Security Ltd permits
the use of these trademarks as the name of this standard and protocol,
and permits their use to describe that a product conforms to this
standard, provided that the following acknowledgement is included
where the trademarks are used: ``SSH is a registered trademark and
Secure Shell is a trademark of SSH Communications Security Ltd
(www.ssh.fi)''. These trademarks may not be used as part of a product
name or in otherwise confusing manner without prior written permission
of SSH Communications Security Ltd.
10. References
[FIPS-186] Federal Information Processing Standards Publication (FIPS [FIPS-186] Federal Information Processing Standards Publication (FIPS
PUB) 186, Digital Signature Standard, 18 May 1994. PUB) 186, Digital Signature Standard, 18 May 1994.
[RFC-854] Postel, J. and Reynolds, J., "Telnet Protocol Specification", [RFC-854] Postel, J. and Reynolds, J., "Telnet Protocol Specification",
May 1983. May 1983.
[RFC-894] Hornig, C., "A Standard for the Transmission of IP Datagrams [RFC-894] Hornig, C., "A Standard for the Transmission of IP Datagrams
over Ethernet Networks", April 1984. over Ethernet Networks", April 1984.
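Review bot: The last sentence of the new section 9 reads "in otherwise confusing manner", which is missing an article; suggest "or in an otherwise confusing manner". The required acknowledgement is quoted with "(www.ssh.fi)" inside the ``...'' marks, so it is unclear whether the URL is part of the text a conforming product must reproduce; say so explicitly. The insertion also renumbers References to 10 and Authors' Addresses to 11, so any in-text reference to those section numbers outside the visible lines should be checked.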
skipping to change at page 11, line 12 skipping to change at page 11, line 28
[RFC-2044] Yergeau, F., "UTF-8, a Transformation Format of Unicode and [RFC-2044] Yergeau, F., "UTF-8, a Transformation Format of Unicode and
ISO 10646", October 1996. ISO 10646", October 1996.
[RFC-2119] Bradner, S., "Key words for use in RFCs to indicate [RFC-2119] Bradner, S., "Key words for use in RFCs to indicate
Requirement Levels", March 1997 Requirement Levels", March 1997
[Schneier] Schneier, B., "Applied Cryptography Second Edition", John [Schneier] Schneier, B., "Applied Cryptography Second Edition", John
Wiley & Sons, New York, NY, 1995. Wiley & Sons, New York, NY, 1995.
[SSH-TRANS] Ylonen, T., et al, "SSH Transport Layer Protocol", Internet [SSH-TRANS] Ylonen, T., et al, "SSH Transport Layer Protocol", Internet
Draft, draft-ietf-secsh-transport-05.txt Draft, draft-ietf-secsh-transport-06.txt
[SSH-USERAUTH] Ylonen, T., et al, "SSH Authentication Protocol", [SSH-USERAUTH] Ylonen, T., et al, "SSH Authentication Protocol",
Internet Draft, draft-ietf-secsh-userauth-05.txt Internet Draft, draft-ietf-secsh-userauth-06.txt
[SSH-CONNECT] Ylonen, T., et al, "SSH Connection Protocol", Internet [SSH-CONNECT] Ylonen, T., et al, "SSH Connection Protocol", Internet
Draft, draft-ietf-secsh-connect-05.txt Draft, draft-ietf-secsh-connect-06.txt
10. Authors' Addresses 11. Authors' Addresses
Tatu Ylonen Tatu Ylonen
SSH Communications Security Ltd. SSH Communications Security Ltd.
Tekniikantie 12 Tekniikantie 12
FIN-02150 ESPOO FIN-02150 ESPOO
Finland Finland
E-mail: ylo@ssh.fi E-mail: ylo@ssh.fi
Tero Kivinen Tero Kivinen
SSH Communications Security Ltd. SSH Communications Security Ltd.
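Review bot: The [SSH-TRANS], [SSH-USERAUTH] and [SSH-CONNECT] entries are bumped from -05 to -06 but still carry no date, unlike the other entries in this list (for example "October 1996" and "March 1997"); suggest adding the month and year of the -06 drafts so the list is consistent. While touching this list, the [RFC-2119] entry ends at "March 1997" without the closing period that the other entries have.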
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/